Privacy Policy Messenger Publications 2018

The purpose of this privacy policy is to give you a clear explanation about how Messenger Publications use the personal information you provide to us and that we collect, whether online, via phone, email, in forms, letters or in any other correspondence or from third parties.

We ensure that we use your information in accordance with all applicable laws concerning the protection of personal information. This policy explains:

What information Messenger Publications may collect about you and how we collect it

How we will use that information

Whether we disclose your details to anyone else

Your choices regarding the information you provide to us.

If you have any queries about this please contact dataprotection@messenger.ie

Who We Are

Messenger Publications is the publishing organisation of the Jesuits in Ireland.

We have published THE SACRED HEART MESSENGER since 1888 and it is still one of Ireland’s bestselling magazines, distributed globally and by our wonderful promoters around Ireland.

The IGNATIAN BOOKSHOP is available online and at our offices on Lower Leeson Street, Dublin. We specialise in titles on Ignatian Spirituality, Pope Francis, St Ignatius of Loyola, and books by Jesuits.

MESSENGER PUBLICATIONS publishes over thirty books annually as well as pamphlets and booklets. We design, produce and market our own titles, and we also offer these services to other organisations.

We reach out to young people through RE:LINK, a very popular supplement to our magazine, offering unique content to complement the Irish Junior Certificate religious education curriculum.

Your information may be shared with us by independent third parties, but they will only do so when you have indicated that you are happy for your details to be passed on to us. You should check their Privacy Policy when you provide your information, so that you understand fully how they will process your data. If in doubt contact us on dataprotection@messenger.ie or phone 01 6767491 and ask for Michael O’Connor.

What Data We Collect

The type and quantity of information we collect and how we use it depends on why you are providing it.

Subscribers

If you subscribe to a magazine we will collect:

Your name

Your postal address

Your email address

If you subscribe to an email newsletter we will collect:

Your name

Your email address

Customers and Supporters

If you are a customer, for example, you buy something, or if you support us, for example make a donation or sign up for an event or retreat, we will usually collect:

Your name

Your contact details: postal and/or email address

We retain records of your donations and the events you have attended.

If you use your credit or debit card to donate to us, buy something or pay for a registration online or over the phone, we will ensure that this is done securely and in accordance with the Payment Card Industry Data Security Standard. You can find out more information about PCI DSS on their website – https://www.pcisecuritystandards.org/security_standards/index.php

We do not store your credit or debit card details at all, following the completion of your transaction. All card details and validation codes are securely destroyed once the payment or donation has been processed. Only staff authorised and trained to process payments will be able to see your card details.

Where it is appropriate in order to offer you a good service, for example on a residential retreat, we may also ask for:

In accordance with the laws concerning tax information, our accounts department will keep on file documentation regarding all purchases and invoices, in and out, for the number of years required by statute. This information will be kept on the Accounts system only, and will be password protected. This information will include:

Your name

Your contact details as provided at the time of transaction

Invoice/Purchase details/donation, etc.

Sensitive data

Data Protection law recognises that certain categories of personal information are more sensitive. This is known as sensitive personal data and covers health information, race, and religious beliefs. We do not usually collect ‘sensitive personal data’ about our supporters unless there is a clear reason for doing so, such as ensuring your needs are met if you attend an event. In this case, the information is not detailed, only referenced for that event, and is deleted as soon as practicable after the event.

Why We Collect Data

We will mainly use your data to:

Provide you with the services, products or information you asked for

Administer your donation

Let you know about new services, products and ways you can support us

Keep a record of your relationship with us

Ensure we know how you prefer to be contacted

Understand how we can improve our services, products or information.

If you enter your details onto one of our online forms, and you don’t ‘send’ or ‘submit’ the form, we may contact you to see if we can help with any problems you may be experiencing with the form or our websites.

We may also use your personal information to detect and reduce fraud.

How We Share Data

We will not normally share your data, neither with other organisations nor with the various apostolic works of the Jesuits In Ireland.

We will only share your information if:

We are legally required to do so, e.g. by a law enforcement agency legitimately exercising a power or if compelled by an order of the Court

We believe it is necessary to protect or defend our rights, property or the personal safety of our people or visitors to our premises or websites

We are working with a carefully-selected partner that is carrying out work on our behalf. These partners may include mailing houses and IT specialists. The kind of work we may ask them to do includes processing, packaging, mailing and delivering purchases or magazines, sending postal mail, emails and text messages, carrying out research or analysis and processing payments. We only choose partners we can trust. We will only pass personal data to them if they have signed a contract that requires them to:

abide by the requirements of the General Data Protection Regulation

treat your information as carefully as we would

only use the information for the purposes it was supplied (and not for their own purposes or the purposes of any other organisation)

allow us to carry out checks to ensure they are doing all these things.

We will never share, sell or swap your details with any third parties for the purposes of their own marketing or the monetising of your data.

We will only ever share your data in other circumstances if we have your explicit and informed consent.

How We Store Data

We store information on computers located in Ireland. We may transfer data to our reputable third party suppliers as explained above (e.g. Our cloud storage, or technical support). These third parties may be situated inside or outside the European Economic Area, but will be required to be General Data Proctecion Regulation (GDPR) compliant. We may also store information in paper files.

We place a great importance on the security of all personally identifiable information associated with our supporters and customers. We have security measures in place to attempt to protect against the loss, misuse and alteration of personal data under our control. For example, only authorised personnel are allowed to access user information and we use secure server software (SSL) to encrypt financial and personal information you input before it is sent to us. We password protect each computer terminal, and password protect our data files.

While we cannot ensure or guarantee that loss, misuse or alteration of data will not occur while it is under our control, we use our best efforts to try to prevent this.

Unfortunately, the transmission of data across the internet is not completely secure and whilst we do our best to try to protect the security of your information we cannot guarantee that loss, misuse or alteration of data will not occur whilst data is being transferred.

Where you or we have provided a password enabling you to access parts of our websites it is your responsibility to keep this password confidential. Please don’t share your password with anyone.

We will keep your information only for as long as we need it to provide you with the services or information you have required, to administer your relationship with us, to inform the preferences of our supporters, to comply with the law, or to ensure we do not communicate with people that have asked us not to.

When we no longer need information we will always dispose of it securely, using specialist companies if necessary to do this work for us.

Your Rights

The General Data Protection regulation gives you certain rights over your data and how we use it. These include:

the right to have inaccurate personal data rectified, blocked, erased or destroyed

the right to prevent your data being used for direct marketing

the right of access to a copy of the information we hold about you (known as a subject access request).

Access Requests must be made in writing by post with a description of the information you want to see, and proof of your identity. Please send your request by post to: Data protection, Messenger Publications, 37 Lower Leeson Street, Dublin D02 W983.

We do not accept Access Requests by email so we can ensure that we only provide personal data to the right person.

We will respond within one month of receipt of your written request and confirmed ID. Please provide as much information as possible about the nature of your contact with us to help us locate your records.

Where you have provided your consent for our use of your personal information, you always have a right to withdraw your consent at any time.

For more information about your rights under the Data Protection Act go to the website of the Data Protection Commissioner at www.dataprotection.ie

For further information please contact our office on 01 6767491 or email dataprotection@messenger.ie so we can direct your enquiry.